I found a small error in the "Configure virtual hosts using mod_proxy" section of this article.
If you are using multiple applications behind the same Apache server, on the same physical server, each reverse proxy configuration should exist in the same VirtualHost block.
The article seems to indicate that there should be multiple VirtualHost blocks, which I could not get to work.
an example...
<VirtualHost *:80> ServerName sub.domain.com ProxyRequests Off ProxyVia Block ProxyPreserveHost On <Proxy *> Require all granted </Proxy> ProxyPass /jira http://sub.domaincom:8080/jira ProxyPassReverse /jira http://sub.domain.com:8080/jira ProxyPass /wiki http://sub.domain.com:8090/wiki ProxyPassReverse /wiki "http://sub.domain.com:8090/wiki ProxyPass /bitbucket http://sub.domain.com:7990/bitbucket ProxyPassReverse /bitbucket http://sub.domain.com:7990/bitbucket RemoteIPHeader X-Forwarded-For </VirtualHost>
Generally, you would have multiple VirtualHosts for this type of configuration. That allows you to do individual logging and have uniquenesses in configuration per host.
do you have a working example of this? I couldn't get it to work.
using the above config, with separate VirtualHost blocks for each ProxyPass/ProxyPassReverse pair I would get 404 on `http://sub.domain.com/wiki`. however, `http://sub.domain.com/jira` would work fine, and `http://sub.domain.com:8090/wiki` would work.
just moving all the ProxyPass/ProxyPassReverse pairs into one block worked.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Here's what I typically do. This is an SSL configuration, but you can ignore that stuff if you don't plan to use SSL.
# Generic 80 -> 443 redirect <VirtualHost *:80> TimeOut 300 RewriteEngine on ReWriteCond %{SERVER_PORT} !^443$ RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L] </VirtualHost> # Jira proxy <VirtualHost *:443> DocumentRoot "/var/www/jira" ServerName jira.domain.com <Proxy *> Order deny,allow Allow from all </Proxy> SSLProxyEngine On ProxyRequests Off ProxyPreserveHost On ProxyTimeout 300 RequestHeader unset Authorization ProxyPass / http://127.0.0.1:8080/ retry=0 connectiontimeout=300 timeout=300 ProxyPassReverse / http://127.0.0.1:8080/ LogLevel info CustomLog /var/log/httpd/access_jira.domain.com.log combined ErrorLog /var/log/httpd/error_jira.domain.com.log SSLEngine on SSLProtocol all -SSLv2 -SSLv3 SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW SSLStrictSNIVHostCheck off SSLCertificateFile /etc/httpd/conf/ssl/host.pem SSLCertificateKeyFile /etc/httpd/conf/ssl/host.key SSLCertificateChainFile /etc/httpd/conf/ssl/gd_bundle-g2-g1.crt </VirtualHost> # Confluence proxy <VirtualHost *:443> DocumentRoot "/var/www/confluence" ServerName confluence.domain.com <Proxy *> Order deny,allow Allow from all </Proxy> SSLProxyEngine On ProxyRequests On ProxyPreserveHost On ProxyTimeout 600 ProxyPass / http://127.0.0.1:8090/ retry=0 connectiontimeout=60 timeout=300 ProxyPassReverse / http://127.0.0.1:8090/ LogLevel info CustomLog /var/log/httpd/access_confluence.domain.com.log combined ErrorLog /var/log/httpd/error_confluence.domain.com.log SSLEngine on SSLProtocol all -SSLv2 -SSLv3 SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW SSLCertificateFile /etc/httpd/conf/ssl/host.pem SSLCertificateKeyFile /etc/httpd/conf/ssl/host.key SSLCertificateChainFile /etc/httpd/conf/ssl/gd_bundle-g2-g1.crt </VirtualHost> # Stash proxy <VirtualHost *:443> DocumentRoot "/var/www/stash" ServerName stash.domain.com <Proxy *> Order deny,allow Allow from all </Proxy> SSLProxyEngine On ProxyRequests On ProxyPreserveHost On ProxyTimeout 300 ProxyPass / http://192.168.62.40:7990/ retry=0 connectiontimeout=300 timeout=300 ProxyPassReverse / http://192.168.62.40:7990/ LogLevel info CustomLog /var/log/httpd/access_stash.domain.com.log combined ErrorLog /var/log/httpd/error_stash.domain.com.log SSLEngine on SSLProtocol all -SSLv2 -SSLv3 SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW SSLCertificateFile /etc/httpd/conf/ssl/host.pem SSLCertificateKeyFile /etc/httpd/conf/ssl/host.key SSLCertificateChainFile /etc/httpd/conf/ssl/gd_bundle-g2-g1.crt </VirtualHost>
I hope that helps.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.